Task 1: ARP Cache Poisoning This exercise aims to perform an ARP

Task 1: ARP Cache Poisoning

This exercise aims to perform an ARP cache poisoning attack against a target using packet spoofing.

Setting up the VMs and Network environment:

A Ping request will be issued from A to B and from M to A and B. We’ll next validate each machine’s ARP cache using the arp -n command:

Host A

Host B

Host M (Attacker)

Task 1A (Perform ARP cache poisoning using ARP request):

In this job, you must use the ARP request technique to request to alter the “A” ARP catch.

Start writing the following code in a python script using the nano program:

So, now we will execute the code below to send spoofed ARP requests:

sudo python arp-request.py

The attacker’s MAC address has been changed in the mapped MAC address for host B on the A machine:

Task 1B (Perform ARP cache poisoning using ARP reply):

In this job, you must use the ARP reply mechanism to make a request to alter “A” ARP catch.

Using the nano tool, create a python script and begin writing the following code: (The code is the same as the previous task, only change “op = 1” to “op = 2”)

In this step, we will send a spoofed ARP reply.

sudo python arp_reply.py

Open “A” and type the command:

$ arp -n

Task 1C (using ARP gratuitous message):

You must send a request to modify an ARP catch using an ARP gratuitous message in this job.

Using the nano tool, create a python script and begin writing the following code:

Here we will send gratuitous packet:

sudo python gratuitous.py

Open “A” and type the command:

$ arp -n

Host A:

Host M:

Task 2: MITM Attack on Telnet using ARP Cache Poisoning

Step 1 (Launch the ARP cache poisoning attack):

You must make a request to alter both “A” and “B” ARP catch in this job, with “A” mapping to “M” and “B” mapping to “M.”

Using the nano tool, create a python script and begin writing the following code:

Open both “A”, and “B” and type the command:

$ arp -n

ARP table on host A:

ARP table on host B:

Step 2 (Testing)

You must do a ping test from both “A” and “B” and examine the recorded packets in Wireshark when IP forwarding is disabled on “M” in this job.

Open “M” and type the following command to disable IP forwarding:

$ sysctl net.ipv4.ip_forward=0

Sending Ping packet from host A to host B:

The request required a long time to resolve B’s MAC address, thus ARP packets were issued until the proper B’s MAC address was found.

ARP Cache on host A been updated with host B correct MAC address

Step 3 (Turn on IP forwarding)

You must do a ping test from both “A” and “B” and examine the recorded packets in Wireshark when IP forwarding is enabled on “M” in this assignment.

Open “M” and type the following command to enable IP forwarding:

$ sysctl net.ipv4.ip_forward=1

ARP cache poisoning:

IP Forwarding Enabled

Ping packet transmission from host A to host B:

Step 4 (Launch the MITM attack):

We wrote the following software to sniff packets sent from A to B and replace any letter with Z:

We will execute the below code:

sudo python mitm.py

While IP forwarding enabled, we establish a Telnet connection between A and B:

Telnet 10.0.2.4

Turning off the IP forwarding:

sudo sysctl net.ipv4.ip_forward=0

We type a letter on host A and we got the following:

The letter has been substituted with the letter Z in the packet.

Task 3: MITM Attack on Netcat using ARP Cache Poisoning

This assignment is identical to Task 2, except that instead of telnet, Hosts A and B communicate via netcat. Host M wants to listen in on their conversation so that it can alter the data transferred between A and B.

Start a Netcat connection between the host A and host B:

Host A:

Telnet 10.0.2.3

After that, we are going to execute the Netcat command:

nc 10.0.2.3 9090

Host B:

nc -lv 9090

In task 2, we changed the MITM program to write “I Hate You” instead of “Hi”:

Before MITM Attack:

Replacing Hi with I Hate You after MITM Attack:

In the host A:

In the host B:

I hope I did it as required and match the requests

– The End of the LAB –